[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: JBoss, Tomcat, CVE-2008-1232 and related
jfrederic.clere@jboss.com
do-not-reply at jboss.com
Fri Sep 12 02:32:28 EDT 2008
Look in http://anonsvn.jboss.org/repos/jbossas/tags/JBoss_4_0_3_SP1/build/build-thirdparty.xml
It says:
+++
+++
So it uses the tomcat from http://repository.jboss.com/apache-tomcat/5.5.9jboss/src/
Looks a normal tc-5.5.9.
So look in http://tomcat.apache.org/security-5.html
Answer yes your are vulnerable.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4176030#4176030
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4176030
More information about the jboss-user
mailing list